Malicious PDF — malware analysis report

Static analysis result for SHA-256 f031e5a51927b72f…

MALICIOUS

PDF

Size: 14.5 KB
Created: 2019-05-02 05:09:44 +01:00
Authoring application: mPDF 5.7
MD5: 34d56cdb2723252729e173673a11bc3e
SHA-1: 3b7480a0665e4273382e3cfc9a737bbcbb433682
SHA-256: f031e5a51927b72ff6742d6f185f73390515fe3da6af7bde1f7bffa642428c25
Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1204.002 Malicious Link

The PDF contains a large number of embedded links to external PDF files, as indicated by the PDF_SEO_LINK_FARM heuristic. The ML classifier also flagged this as malicious with high confidence. The document body confirms the presence of these links, suggesting a link farm or SEO manipulation tactic. No scripts were extracted from this sample.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9891

Heuristics 2

  • Small PDF contains mass external PDF link farm | critical | PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL | info | EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.